Solved

Need to access VPN network as well as local network

Posted on 2011-03-10
5
240 Views
Last Modified: 2012-06-27
Hello,
we have 2 networks in my organisation, one is a untunnelled VPN network which we connect thru CISCO  VPN client. we access some software thru that  and at the same time try to access some file servers in the local network or other shares in any computers in the domain.
Both networks are of different subnet  how can we access both network resources at the same time ?
0
Comment
Question by:joseph301074
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 35096426
yes it is possibe. you need to add spolit tunnel ACL for booth subnets...
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 250 total points
ID: 35096627
Im unfamiliar with the spolit tunnel - I think my learned colleague means split tunnel :) http://www.petenetlive.com/KB/Article/0000066.htm

0
 
LVL 2

Assisted Solution

by:_valkyrie_
_valkyrie_ earned 250 total points
ID: 35096655
This is how we do it with a Cisco ISR:


crypto isakmp client configuration group Employees
 key <somepassword>
 dns <ip of your dns server at location with cisco router>
 domain <your domain at location with cisco router>
 pool rap-1
 acl ra-split-acl
 split-dns <your domain at location with cisco router>

crypto dynamic-map dm-corporate-mesh-vpn 1
 set transform-set esp-aes-sha 
 reverse-route
 qos pre-classify

crypto map cm-corporate-mesh-vpn client authentication list authen-cm-corporate-mesh-vpn
crypto map cm-corporate-mesh-vpn isakmp authorization list author-cm-corporate-mesh-vpn
crypto map cm-corporate-mesh-vpn client configuration address respond
crypto map cm-corporate-mesh-vpn 65535 ipsec-isakmp dynamic dm-corporate-mesh-vpn

ip local pool rap-1 192.168.250.1 192.168.250.254

ip access-list extended ra-split-acl
 permit ip <address info for location with cisco router> 0.0.0.255 any

Open in new window

0
 
LVL 68

Expert Comment

by:Qlemo
ID: 35349224
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Cisco vlan question 12 39
AnyConnect - VPN server list 2 16
Cisco Any Connect Client 5 13
Office 365 vs. In-House 3 19
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now